Loading
Generated remediation guidance and an executive summary. No account required.
include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) before 1.4.15, when the ImageMagick picture processing method is configured, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angle, or (3) clipval parameter to picEditor.php.
Use CWE-20, Coppermine vendor hub and Coppermine Photo Gallery product page to widen CVE-2008-0506 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2007-1414, CVE-2007-4283 and CVE-2007-3558 for nearby disclosures in the same product family.